Today marks Microsoft’s December 2023 Patch Tuesday, during which they are releasing security fixes for a total of 34 vulnerabilities. Additionally, they are addressing one previously revealed vulnerability in AMD CPUs that has not yet been patched.
Microsoft addressed a total of eight remote code execution (RCE) vulnerabilities, but only classified three of them as critical. There were a total of four significant vulnerabilities, including one in Power Platform (Spoofing), two in Internet Connection Sharing (Remote Code Execution), and one in Windows MSHTML Platform (Remote Code Execution).
The quantity of insects in each vulnerability category is enumerated below:
There are 10 vulnerabilities related to the elevation of privilege.
There are 8 vulnerabilities that allow for remote code execution.
There are six vulnerabilities related to the disclosure of information.
There are five vulnerabilities related to Denial of Service.
There are five vulnerabilities related to spoofing.
The overall tally of 34 defects does not encompass the 8 Microsoft Edge problems that were resolved on December 7th.
To obtain further information regarding the non-security updates that were released today, we recommend reviewing our specialized articles on the new Windows 11 KB5033375 cumulative update and Windows 10 KB5033372 cumulative update.
A single zero-day vulnerability that was made public has been resolved.
The latest Patch Tuesday addresses a previously unpatched AMD zero-day vulnerability that was disclosed in August.